EP4260518A1 - Device and method for authenticating products - Google Patents

Device and method for authenticating products

Info

Publication number
EP4260518A1
EP4260518A1 EP21819913.1A EP21819913A EP4260518A1 EP 4260518 A1 EP4260518 A1 EP 4260518A1 EP 21819913 A EP21819913 A EP 21819913A EP 4260518 A1 EP4260518 A1 EP 4260518A1
Authority
EP
European Patent Office
Prior art keywords
product
label
graphic element
public key
kpub
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
EP21819913.1A
Other languages
German (de)
French (fr)
Inventor
Cormac LUCKING
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Veritise
Original Assignee
Veritise
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Veritise filed Critical Veritise
Publication of EP4260518A1 publication Critical patent/EP4260518A1/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/018Certifying business or products
    • G06Q30/0185Product, service or business identity fraud
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3276Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being read by the M-device
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/018Certifying business or products
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/77Graphical identity

Definitions

  • the present invention generally relates to the field of solutions for the authentication and traceability of marketable goods.
  • Authentication and traceability solutions therefore aim to acquire a certain level of certainty as to the authenticity of a product.
  • - visually controllable elements e.g. anti-burglary devices, holograms, inks, etc.
  • the present invention proposes to rely on “blockchain” technology and on asymmetric cryptology to find an easily usable solution and offering its users a high level of security.
  • Blockchain technology can be defined here in general terms as being a computer system comprising a computer register which is organized in a chain of blocks (from the English "blockchain") and in which data associated with wallet holders computers can be registered.
  • the present invention more specifically proposes in this context a process for authenticating a product which comprises steps of:
  • the public key coded on the first label makes it possible to check that the product has indeed been manufactured by the manufacturer holding the digital wallet and that this product has not yet been the subject of no transactions.
  • the private key which is only readable once the product has been opened or the second label has been corrupted, is itself used to generate a second transaction to be recorded in the computer register in order to note the sale of the product there. .
  • anyone wishing to reuse the public key to counterfeit another product would fail, since this public key would then be associated with a product already sold.
  • At least one of the first and second graphic elements is in the form of a barcode or a two-dimensional code, for example a QR-code.
  • said record also includes at least one other piece of data which relates to the product and/or to the manufacturer of said product.
  • the invention also relates to a method for verifying the authenticity of a product comprising steps of:
  • an additional step is provided for acquiring data which relate to an individual acquiring said product and which have been entered beforehand on a man-machine interface.
  • an additional step is provided during which a guarantee associated with the product is generated.
  • each additional step is automatically implemented after the additional verification step.
  • the invention also relates to an authentication device comprising:
  • the invention relates to a product equipped with such an authentication device, the first label of which is affixed so that the first graphic element is visible, and the second label of which is affixed so that the second graphic element is invisible as long as said second label and/or the product remain intact.
  • said second label can be peeled off once from the product, or has a coating which conceals the second graphic element and which can be removed once, or is affixed so as to be visible only once the product has been opened.
  • FIG. 1 is a schematic view of a product that includes an authentication device according to the invention, and a mobile phone used to implement an authentication method according to the invention;
  • FIG. 2 is a graph illustrating the different entities used to implement this authentication process.
  • Figure 1 there is shown an example of product 1 that we want to be able to make it easily authenticated at the time of purchase.
  • Figure 2 there is shown the various elements of a system to ensure this authentication.
  • a client terminal 200 which allows a client to interact with the product 1 to authenticate it
  • trusted third party A a set of authentication and traceability servers 100, comprising in particular the server of a central entity (hereinafter called trusted third party A).
  • the concept of "trusted third party A" can be defined as designating a certification body for companies B wishing to be able to market products using the solution that is the subject of the present invention.
  • client C can also be defined.
  • customer will not apply to intermediary companies belonging to the marketing chains of the products marketed by companies B. On the contrary, it will only apply to end customers, i.e. people or companies that acquire the products to enjoy them.
  • Each of the authentication and traceability servers 100 stores a copy of a computer register which is organized in a chain of blocks. In the rest of the description, we will speak of “blockchain”.
  • the blockchain is thus stored on a peer-to-peer network composed of a plurality of nodes (each formed by one or more servers) which together form a distributed database. More precisely, the blockchain is stored on this distributed database by being replicated on each node.
  • a computer protocol for participating in the development of the blockchain This protocol, called “blockchain protocol”, comprises a computational process for periodically adding a new block 120 to the existing blockchain. This process implements a block validation mechanism by consensus between all or some of the nodes. It is the intercorrelation of blocks that gives the reputation of immutability to the data contained in the blockchain.
  • the blockchain protocol makes it possible here to complete the chain of blocks by recording in particular three types of information:
  • All the authentication and traceability servers 100 are connected together, here via an extended network “WAN” for “Wide Area Network” (namely advantageously the Internet).
  • WAN Wide Area Network
  • the client terminal 200 and the authentication and traceability servers 100 are also intended to communicate together via this same network.
  • the client terminal 200 may for example be in the form of a computer, a tablet, a connected watch, etc. It will be considered here that it is a mobile telephone 200.
  • This mobile telephone 200 is very conventional in the sense that it comprises a man/machine interface (typically a touch screen), a computer (typically a microprocessor), a computer memory, communication means and an image acquisition means.
  • the computer stores a computer application App, consisting of computer programs comprising instructions whose execution by the processor allows the implementation by the computer of the method described below.
  • This product can be formed by any type of element or set of commercial elements.
  • Figure 1 it is a bottle of red wine, but alternatively it could be a piece of clothing, a container, a book, a component of car or plane, a laptop computer... This list is of course in no way exhaustive.
  • the notion of “product” will of course designate the marketable goods (here the bottle of wine), but it may also include the protective packaging for this goods.
  • the notion of product may apply to the assembly formed by the bottle and its box.
  • This product 1 is equipped with an authentication device formed here of two labels 10, 20. These two labels are distinct here, but alternatively, they could be formed in one piece.
  • These labels 10, 20 are intended to be affixed to or in the product 1 for its authentication and traceability.
  • authentication we mean in particular the action which consists in verifying the original character of the product.
  • traceability we mean in particular the ability to know whether or not the product has already been sold to a customer C.
  • the first label 10 is coated with a first graphic element 11 encoding information. It is affixed to the product 1 so that the first graphic element 11 is visible. In our example, it is directly glued to the bottle of wine, so that its side on which the first graphic element 11 is located faces outwards. Alternatively, if the product included packaging (opaque protective film, box, cardboard), this first label 10 would preferably be affixed to this packaging so that the first graphic element 11 is clearly visible.
  • the second label 20 is coated with a second graphic element 21 encoding information. It is affixed to the product so that the second graphic element 21 is invisible. In our example, it is directly glued to the bottle of red wine, so that its side on which the second graphic element 21 is located faces inwards (the red wine hiding this graphic element). Alternatively, if the two labels were formed from a single piece, the two graphic elements would in our example be located on the two opposite sides of this label. Still as a variant, if the product included packaging, this second label 20 could be affixed to the inside face of this packaging or simply slipped into the packaging.
  • the objective is for the second graphic element 21 to remain invisible as long as the second label 20 and/or the product 1 remain intact (that is to say intact, uncorrupted), but for it to become visible after opening. of the product or after corruption of the second label 20.
  • This second label could be coated with scratch-off ink, allowing the second graphic element 21 to be uncovered only once.
  • This second label could comprise two layers, including a back layer on which would be inscribed the second graphic element 21 and a front protective layer that can only be peeled off from the back layer once.
  • the two graphic elements 11, 21 are provided to encode data which can be decodified using the application downloaded to the mobile telephone 200, once photographed by this telephone.
  • QR codes These could be barcodes or two-dimensional codes. These are typically QR codes.
  • two-dimensional code is meant a two-dimensional code, which takes the form of a set composed of lines, squares, points, polygons or other geometric figures, which are used to code some information.
  • QR code means a type of two-dimensional barcode (or datamatrix matrix code) made up of black modules arranged in a square with a white background. The arrangement of these points defines the information that the code contains.
  • the first and second graphic elements 11, 21 encode respectively a public key Kpub and a private key Kpri which are associated (in the sense of asymmetric cryptology).
  • the first step is for company B to obtain a digital wallet 110.
  • Company B uses a company terminal for this purpose, here formed by a computer equipped with the Log software provided by the trusted third party A.
  • the trusted third party A is responsible for checking the company, and in particular its identity, before delivering its digital wallet 110 to it.
  • This digital wallet 110 here comprises a public key (hereinafter called Adi io address of the digital wallet 110 of company B) and a private key Kno, associated with the public key in the sense of asymmetric cryptology. It also includes tokens that can be spent by company B.
  • the trusted third party A orders in parallel the registration on the blockchain of the issue of this wallet.
  • company B Once company B has its digital wallet 110, it is able to use the Log software to generate, for each product 1 marketed, a couple of public keys Kpub and private keys Kpri allowing this product to be authenticated. 1 . These keys are of course unique (the same pair of keys cannot be used to sell products separately).
  • Company B before marketing this product 1 , will also generate a first transaction S1 to be entered in the blockchain (see FIG. 2), corresponding to the sale of product 1 .
  • the data recorded in the blockchain is then intended to make this first transaction S1 public.
  • the data entered in the blockchain during this first transaction S1 will include at least:
  • This data can be entered in the blockchain only because company B holds a private key Kno which allows it to authenticate itself with the authentication and traceability servers 100.
  • a token is then associated with the public key Kpub of product 1. Alternatively, it could be part of a token or several tokens.
  • the private key Kpri is of course not registered in the blockchain.
  • Other data relating to company B or product 1 can on the other hand be entered in the blockchain at the time of this first transaction S1.
  • this may be information for tracing the product 1 , such as for example a batch number, a date of manufacture or bottling, etc.
  • Company B or a subcontractor of this company (typically a label manufacturer), will then be able to print two labels 10, 20.
  • the QR-code 11 inscribed on the first label 10 is then designed to digitally encode the public key Kpub while the QR-code 21 inscribed on the second label 20 is designed to digitally encode the private key Kpri.
  • This S2 authentication operation has several advantages. First of all, it makes it possible to verify that product 1 has indeed been marketed by company B. It also allows customers C to find information on company B and on product 1, which have been entered in the blockchain. Finally, it makes it possible to check in the blockchain that the product has not already been sold to another customer (who would have already scanned the QR-code 21 associated with the private key).
  • the App application downloaded into the mobile telephone 200 will thus make it possible to verify that the two public keys Kpub and the private key Kpri are indeed associated in the sense of asymmetric cryptology, which will make it possible to authenticate again, with even greater reliability. larger, the product 1.
  • the blockchain protocol verifies that the signature is valid (i.e. the keys are associated), then, if so, it grants access to the token associated with the public key Kpub of product 1 , allowing it to be spent. It is therefore understood that the private key Kpri is essentially used to authenticate the product 1 and to sign the transaction in order to be able to register it on the blockchain.
  • This S3 scanning operation will therefore automatically lead to the registration of a second S4 transaction on a new block 120 of the blockchain.
  • This registration will make this second S4 transaction public in order to indicate that product 1 has been sold, which will prevent it from being resold fraudulently.
  • the data which is therefore entered on the blockchain includes at least the public key Kpub of the product. They may also include other data, such as for example the Adno address of the digital wallet 110 of company B.
  • this second transaction S4 is automatically followed by at least one additional step.
  • the first additional step consists in transmitting to company B information on the customer C who has purchased the product 1. For this, the buyer may have provided information on the App application downloaded on his mobile telephone 200 personal information or information about the transaction itself (did it go well?). [0103] This information is then transmitted via the Internet to company B. It is preferably not registered on the blockchain so as not to be made public.
  • a second additional step could consist of issuing a guarantee associated with product 1. This is particularly the case if product 1 is a device subject to warranty, typically an electronic device (television, telephone, washing machine, etc.). ). In this case, the guarantee can be transferred to company B and customer C, or even to trusted third party A.
  • first buyer resell the product 1 to another buyer
  • second buyer resell the product 1 to another buyer
  • product 1 may be the subject of a third transaction, which will be recorded in the blockchain, and then possibly still other subsequent transactions. We can then describe how this is possible.
  • the second transaction is registered in the blockchain.
  • a new address i.e. a new public key
  • the associated private key is stored in the App application of the mobile phone 200 of the first buyer.
  • This blockchain record also stores the first buyer's wallet address in the App's database, so that it can be known who is the current owner of the product 1 .
  • the second buyer Before buying this product (during the third transfer), the second buyer can then verify the authenticity of the product 1. For this, the first buyer can use the App application stored in his mobile telephone to authorize a micro-transaction to and/or from the address of its portfolio of associated products (as recognized by the App application) to the portfolio of the second buyer, thus confirming that it is the legal owner of the product. Then once satisfied, the second buyer can request the recording of the third transaction in the blockchain to prove that the property has been transferred to the second buyer.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Finance (AREA)
  • Signal Processing (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Marketing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Collating Specific Patterns (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention relates to a method for authenticating a product (1) by means of a computer system comprising a computer register organised in blockchain. According to the invention, the method comprises steps of: - generating, by a digital wallet holder, a transaction to be written in the computer register which comprises at least one digital wallet address and a public key; - writing, on a first label (10), a first graphic element (11) in which the public key is encoded; - writing, on a second label (20), a second graphic element (21) in which the private key is encoded; - affixing the first and second labels on the product such that the first graphic element (11) is visible and the second graphic element (21) is invisible.

Description

DESCRIPTION DESCRIPTION
T ITRE DE L’INVENTION : DISPOSITIF ET PROCEDE D’AUTHENTIFICATION DE PRODUITSTITLE OF THE INVENTION: PRODUCT AUTHENTICATION DEVICE AND METHOD
DOMAINE TECHNIQUE DE L'INVENTION TECHNICAL FIELD OF THE INVENTION
[0001] La présente invention concerne de manière générale le domaine des solutions pour l’authentification et la traçabilité de marchandises commercialisables. The present invention generally relates to the field of solutions for the authentication and traceability of marketable goods.
[0002] Elle porte plus précisément sur un procédé et un dispositif d’authentification de produits sur lesquels sont apposés des étiquettes. [0002] It relates more specifically to a process and a device for authenticating products on which labels are affixed.
[0003] Elle porte aussi sur tout produit portant de telles étiquettes. [0003] It also relates to any product bearing such labels.
ETAT DE LA TECHNIQUE STATE OF THE ART
[0004] La contrefaçon concerne tous les secteurs d’activité économique. [0004] Counterfeiting concerns all sectors of economic activity.
[0005] Pour faire face à cette situation, l’authentification et la traçabilité des produits deviennent des enjeux majeurs. [0005] To deal with this situation, product authentication and traceability are becoming major issues.
[0006] Les solutions d’authentification et de traçabilité visent donc à acquérir un certain niveau de certitudes quant à l’authenticité d’un produit. [0006] Authentication and traceability solutions therefore aim to acquire a certain level of certainty as to the authenticity of a product.
[0007] Ces solutions s’appuient pour cela généralement sur des éléments d’identification qui peuvent être classés en trois technologies différentes : [0007] These solutions are generally based on identification elements that can be classified into three different technologies:
- les éléments contrôlables visuellement (par exemple les dispositifs anti-effractions, les hologrammes, les encres, etc.), - visually controllable elements (e.g. anti-burglary devices, holograms, inks, etc.),
- les éléments contrôlables en laboratoire (les marqueurs physiques, les marqueurs biologiques, etc.), et - elements that can be checked in the laboratory (physical markers, biological markers, etc.), and
- les éléments contrôlables au moyen d’outils portables (par exemple les marquages numériques, les nanoparticules, etc.). - elements that can be checked using portable tools (e.g. digital markings, nanoparticles, etc.).
[0008] Actuellement, la plupart des éléments d’identification contrôlables au moyen d’outils portables sont soit très compliqués à mettre en œuvre, et donc peu utilisables à grande échelle, soit pas assez sécurisés si bien qu’ils sont susceptibles d’être falsifiables. [0009] Il existe par conséquent un besoin de nouveaux moyens d’authentification. [0008] Currently, most of the identification elements that can be checked by means of portable tools are either very complicated to implement, and therefore not very usable on a large scale, or not secure enough so that they are likely to be falsifiable. [0009] There is therefore a need for new means of authentication.
PRESENTATION DE L'INVENTION PRESENTATION OF THE INVENTION
[0010] Dans ce contexte, la présente invention propose de s’appuyer sur la technologie « blockchain » et sur la cryptologie asymétrique pour trouver une solution facilement utilisable et offrant à ses usagers un haut niveau de sécurité. In this context, the present invention proposes to rely on “blockchain” technology and on asymmetric cryptology to find an easily usable solution and offering its users a high level of security.
[0011] La technologie blockchain pourra ici être définie en des termes généraux comme étant un système informatique comportant un registre informatique qui est organisé en chaine de blocs (de l’anglais « blockchain ») et dans lequel des données associées à des détenteurs de portefeuilles informatiques peuvent être inscrites. [0012] La présente invention propose plus précisément dans ce cadre un procédé d’authentification d’un produit qui comprend des étapes de : [0011] Blockchain technology can be defined here in general terms as being a computer system comprising a computer register which is organized in a chain of blocks (from the English "blockchain") and in which data associated with wallet holders computers can be registered. The present invention more specifically proposes in this context a process for authenticating a product which comprises steps of:
- génération, par un détenteur de portefeuille numérique, d’une transaction à enregistrer sur le registre informatique, ledit enregistrement comprenant au moins une adresse du portefeuille numérique et une clé publique, laquelle clé publique est associée à une clé privée, - generation, by a holder of a digital wallet, of a transaction to be recorded on the computer register, said recording comprising at least one address of the digital wallet and a public key, which public key is associated with a private key,
- inscription, sur une première étiquette, d’un premier élément graphique dans lequel est codée ladite clé publique, - registration, on a first label, of a first graphic element in which said public key is encoded,
- inscription, sur une seconde étiquette distincte ou non de la première étiquette, d’un second élément graphique dans lequel est codée ladite clé privée, - registration, on a second label, distinct or not from the first label, of a second graphic element in which said private key is coded,
- apposition sur ledit produit des première et seconde étiquettes, de façon que le premier élément graphique soit visible et que le second élément graphique soit invisible tant que ladite seconde étiquette et/ou le produit restent intègres. - affixing to said product first and second labels, so that the first graphic element is visible and the second graphic element is invisible as long as said second label and/or the product remain intact.
[0013] Ainsi, grâce à l’invention, la clé publique codée sur la première étiquette permet de contrôler que le produit a bien été fabriqué par le fabricant détenteur du portefeuille numérique et que ce produit n’a encore fait l’objet d’aucune transaction. [0013] Thus, thanks to the invention, the public key coded on the first label makes it possible to check that the product has indeed been manufactured by the manufacturer holding the digital wallet and that this product has not yet been the subject of no transactions.
[0014] La clé privée, qui n’est lisible qu’une fois le produit ouvert ou la seconde étiquette corrompue, est quant à elle utilisée pour générer une seconde transaction à inscrire dans le registre informatique afin d’y noter la vente du produit. Ainsi, quiconque voudrait réutiliser la clé publique pour contrefaire un autre produit échouerait, puisque cette clé publique serait alors associée à un produit déjà vendu. [0014] The private key, which is only readable once the product has been opened or the second label has been corrupted, is itself used to generate a second transaction to be recorded in the computer register in order to note the sale of the product there. . Thus, anyone wishing to reuse the public key to counterfeit another product would fail, since this public key would then be associated with a product already sold.
[0015] On comprend en outre que grâce à l’invention, le produit ne peut plus être revendu sans que le nouvel acheteur ne soit au courant de la première transaction. [0015] It is also understood that thanks to the invention, the product can no longer be resold without the new buyer being aware of the first transaction.
[0016] Préférentiellement, l’un au moins des premier et second éléments graphiques se présente sous la forme d’un code-barres ou d’un code bidimensionnel, par exemple d’un QR-code. [0016] Preferably, at least one of the first and second graphic elements is in the form of a barcode or a two-dimensional code, for example a QR-code.
[0017] Préférentiellement, ledit enregistrement comprend également au moins une autre donnée qui est relative au produit et/ou au fabricant dudit produit. [0017]Preferably, said record also includes at least one other piece of data which relates to the product and/or to the manufacturer of said product.
[0018] L’invention concerne aussi un procédé de vérification de l’authenticité d’un produit comprenant des étapes de : The invention also relates to a method for verifying the authenticity of a product comprising steps of:
- vérification préliminaire de l’authenticité du produit par lecture du premier élément graphique et décodage de la clé publique, - preliminary verification of the authenticity of the product by reading the first graphic element and decoding the public key,
- corruption de la seconde étiquette ou du produit de façon à rendre le second élément graphique visible, - corruption of the second label or of the product so as to make the second graphic element visible,
- vérification complémentaire de l’authenticité du produit par lecture du second élément graphique et décodage de la clé privée, le décodage de la clé privée entraînant automatiquement l’inscription d’une transaction sur le registre informatique. [0019] Préférentiellement, il est prévu une étape supplémentaire d’acquisition de données qui sont relatives à un individu acquérant ledit produit et qui ont été préalablement saisies sur une interface homme-machine. - additional verification of the authenticity of the product by reading the second graphic element and decoding the private key, the decoding of the private key automatically resulting in the registration of a transaction in the computer register. [0019]Preferably, an additional step is provided for acquiring data which relate to an individual acquiring said product and which have been entered beforehand on a man-machine interface.
[0020] Préférentiellement, il est prévu une étape supplémentaire au cours de laquelle une garantie associée au produit est générée. [0020] Preferably, an additional step is provided during which a guarantee associated with the product is generated.
[0021] Préférentiellement, chaque étape supplémentaire est automatiquement mise en œuvre après l’étape de vérification complémentaire. Preferably, each additional step is automatically implemented after the additional verification step.
[0022] L’invention concerne également un dispositif d’authentification comprenant :The invention also relates to an authentication device comprising:
- une première étiquette sur laquelle est inscrite un premier élément graphique dans lequel est codée une clé publique, ladite clé publique étant stockée dans un registre informatique organisé en chaine de blocs, et - a first label on which is inscribed a first graphic element in which a public key is coded, said public key being stored in a computer register organized in a chain of blocks, and
- une seconde étiquette sur laquelle est inscrite un second élément graphique dans lequel est codée une clé privée associé à ladite clé publique. - A second label on which is inscribed a second graphic element in which is coded a private key associated with said public key.
[0023] L’invention concerne enfin un produit équipé d’un tel dispositif d’authentification, dont la première étiquette est apposée de façon que le premier élément graphique soit visible, et dont la seconde étiquette est apposée de façon que le second élément graphique soit invisible tant que ladite seconde étiquette et/ou le produit restent intègres. Finally, the invention relates to a product equipped with such an authentication device, the first label of which is affixed so that the first graphic element is visible, and the second label of which is affixed so that the second graphic element is invisible as long as said second label and/or the product remain intact.
[0024] Préférentiellement, ladite seconde étiquette est décollable une unique fois du produit, ou présente un revêtement qui cache le second élément graphique et qui est enlevable une seule fois, ou est apposée de façon à être visible seulement une fois le produit ouvert. [0024]Preferably, said second label can be peeled off once from the product, or has a coating which conceals the second graphic element and which can be removed once, or is affixed so as to be visible only once the product has been opened.
[0025] Bien entendu, les différentes caractéristiques, variantes et formes de réalisation de l'invention peuvent être associées les unes avec les autres selon diverses combinaisons dans la mesure où elles ne sont pas incompatibles ou exclusives les unes des autres. Of course, the different characteristics, variants and embodiments of the invention can be associated with each other in various combinations insofar as they are not incompatible or exclusive of each other.
DESCRIPTION DETAILLEE DE L'INVENTION DETAILED DESCRIPTION OF THE INVENTION
[0026] La description qui va suivre en regard des dessins annexés, donnés à titre d’exemples non limitatifs, fera bien comprendre en quoi consiste l’invention et comment elle peut être réalisée. The following description with reference to the accompanying drawings, given by way of non-limiting examples, will make it clear what the invention consists of and how it can be implemented.
[0027] Sur les dessins annexés : [0027] In the accompanying drawings:
- la figure 1 est une vue schématique d’un produit qui comporte un dispositif d’authentification conforme à l’invention, et d’un téléphone portable utilisé pour mettre en œuvre un procédé d’authentification conforme à l’invention ; et - Figure 1 is a schematic view of a product that includes an authentication device according to the invention, and a mobile phone used to implement an authentication method according to the invention; and
- la figure 2 est un graphique illustrant les différentes entités utilisées pour mettre en œuvre ce procédé d’authentification. - Figure 2 is a graph illustrating the different entities used to implement this authentication process.
[0028] Sur la figure 1 , on a représenté un exemple de produit 1 que l’on souhaite pouvoir rendre facilement authentifiable au moment de son achat. [0029] Sur la figure 2, on a représenté les différents éléments d’un système permettant d’assurer cette authentification. In Figure 1, there is shown an example of product 1 that we want to be able to make it easily authenticated at the time of purchase. In Figure 2, there is shown the various elements of a system to ensure this authentication.
[0030] On peut tout d’abord décrire ce système d’authentification 2. We can first describe this authentication system 2.
[0031] Il comprend la combinaison suivante : [0031] It comprises the following combination:
- au moins un produit 1 à authentifier sur lequel sont apposées au moins deux parties d’étiquettes 10, 20 (voir figure 1), - at least one product 1 to be authenticated on which are affixed at least two parts of labels 10, 20 (see figure 1),
- un terminal client 200 qui permet à un client d’interagir avec le produit 1 pour l’authentifier, et - a client terminal 200 which allows a client to interact with the product 1 to authenticate it, and
- un ensemble de serveurs d’authentification et de traçabilité 100, comprenant en particulier le serveur d’une entité centrale (ci-après appelée tiers de confiance A). - a set of authentication and traceability servers 100, comprising in particular the server of a central entity (hereinafter called trusted third party A).
[0032] A ce stade, on pourra définir la notion de « tiers de confiance A » comme désignant un organisme de certification de sociétés B souhaitant pouvoir commercialiser des produits en utilisant la solution faisant l’objet de la présente invention. [0032] At this stage, the concept of "trusted third party A" can be defined as designating a certification body for companies B wishing to be able to market products using the solution that is the subject of the present invention.
[0033] La notion de « société B » sera ici uniquement utilisée pour désigner les entités qui souhaitent pouvoir commercialiser des produits en utilisant la solution faisant l’objet de la présente invention. The concept of "company B" will be used here only to designate entities that wish to be able to market products using the solution that is the subject of the present invention.
[0034] Enfin, on pourra également définir la notion de « client C ». Dans la description, ce terme de client ne s’appliquera pas aux sociétés intermédiaires appartenant aux chaînes de commercialisation des produits commercialisés par les sociétés B. Au contraire, elle s’appliquera seulement aux clients finaux, c’est-à-dire aux personnes ou sociétés qui acquièrent les produits pour en jouir. [0034] Finally, the notion of “client C” can also be defined. In the description, this term customer will not apply to intermediary companies belonging to the marketing chains of the products marketed by companies B. On the contrary, it will only apply to end customers, i.e. people or companies that acquire the products to enjoy them.
[0035] Chacun des serveurs d’authentification et de traçabilité 100 mémorise une copie d’un registre informatique qui est organisé en chaine de blocs. Dans la suite de la description, on parlera de « blockchain ». Each of the authentication and traceability servers 100 stores a copy of a computer register which is organized in a chain of blocks. In the rest of the description, we will speak of “blockchain”.
[0036] La blockchain est ainsi mémorisée sur un réseau pair à pair composé d'une pluralité de nœuds (chacun formé par un ou plusieurs serveurs) qui, ensemble, forment une base de données distribuée. Plus précisément, la blockchain est mémorisée sur cette base de données distribuée en étant répliquée sur chaque nœud. Sur chaque nœud est implémenté un protocole informatique de participation à l'élaboration de la blockchain. Ce protocole, dit « protocole blockchain », comprend un processus calculatoire d'ajout périodique d'un nouveau bloc 120 à la blockchain existante. Ce processus met en œuvre un mécanisme de validation des blocs par consensus entre tout ou partie des nœuds. C'est l'intercorrélation des blocs qui procure leur réputation d'immuabilité aux données contenues dans la blockchain. The blockchain is thus stored on a peer-to-peer network composed of a plurality of nodes (each formed by one or more servers) which together form a distributed database. More precisely, the blockchain is stored on this distributed database by being replicated on each node. On each node is implemented a computer protocol for participating in the development of the blockchain. This protocol, called “blockchain protocol”, comprises a computational process for periodically adding a new block 120 to the existing blockchain. This process implements a block validation mechanism by consensus between all or some of the nodes. It is the intercorrelation of blocks that gives the reputation of immutability to the data contained in the blockchain.
[0037] Le protocole blockchain permet ici de compléter la chaine de blocs en y enregistrant notamment trois types d’informations : [0037] The blockchain protocol makes it possible here to complete the chain of blocks by recording in particular three types of information:
- des données correspondant à des transactions de mises en vente de produits 1 par des sociétés B, - data corresponding to transactions for the sale of products 1 by B companies,
- des données correspondant à des transactions d’achats de produits 1 par des clients C, et - data corresponding to purchase transactions of products 1 by customers C, and
- des données d’enregistrement et d’identification de sociétés B autorisées à émettre des transactions de mises en vente de produits sur la blockchain. - registration and identification data of companies B authorized to issue transactions for the sale of products on the blockchain.
[0038] La manière d’inscrire ces informations dans les blocs sera détaillée dans la suite de cet exposé. On pourra seulement préciser à ce stade que les données d’enregistrement et d’identification des sociétés B se présenteront sous la forme de portefeuilles numériques 110 sur chacun desquels seule la société B concernée aura le contrôle. The way to enter this information in the blocks will be detailed later in this presentation. It can only be specified at this stage that the registration and identification data of companies B will be in the form of digital wallets 110 over each of which only the company B concerned will have control.
[0039] Tous les serveurs d’authentification et de traçabilité 100 sont connectés ensemble, ici via un réseau étendu « WAN » pour « Wide Area Network » (à savoir avantageusement Internet). [0039] All the authentication and traceability servers 100 are connected together, here via an extended network “WAN” for “Wide Area Network” (namely advantageously the Internet).
[0040] Le terminal client 200 et les serveurs d’authentification et de traçabilité 100 sont également destinés à communiquer ensemble via ce même réseau. The client terminal 200 and the authentication and traceability servers 100 are also intended to communicate together via this same network.
[0041] Le terminal client 200 pourra par exemple se présenter sous la forme d’un ordinateur, d’une tablette, d’une montre connectée... On considérera ici qu’il s’agit d’un téléphone mobile 200. [0041] The client terminal 200 may for example be in the form of a computer, a tablet, a connected watch, etc. It will be considered here that it is a mobile telephone 200.
[0042] Ainsi, on considérera dans notre exemple que chaque client C qui souhaite bénéficier des avantages de la présente invention sera équipé d’un téléphone mobile 200. [0043] Ce téléphone mobile 200 est très classique en ce sens qu’il comprend une interface homme/machine (typiquement un écran tactile), un calculateur (typiquement un microprocesseur), une mémoire informatique, des moyens de communication et un moyen d’acquisition d’images. [0042] Thus, it will be considered in our example that each customer C who wishes to benefit from the advantages of the present invention will be equipped with a mobile telephone 200. [0043] This mobile telephone 200 is very conventional in the sense that it comprises a man/machine interface (typically a touch screen), a computer (typically a microprocessor), a computer memory, communication means and an image acquisition means.
[0044] Le calculateur mémorise une application informatique App, constituée de programmes d’ordinateur comprenant des instructions dont l’exécution par le processeur permet la mise en œuvre par le calculateur du procédé décrit ci-après. The computer stores a computer application App, consisting of computer programs comprising instructions whose execution by the processor allows the implementation by the computer of the method described below.
[0045] Cette application informatique App aura ici été élaborée par le tiers de confiance A et mise à disposition des clients C. [0045] This computer application App will have been developed here by the trusted third party A and made available to customers C.
[0046] On notera qu’un logiciel informatique Log élaboré par le tiers de confiance sera également mis à disposition des sociétés B. [0046] It should be noted that Log computer software developed by the trusted third party will also be made available to companies B.
[0047] On peut maintenant décrire plus en détail le produit 1 à authentifier, en référence à la figure 1 . We can now describe the product 1 to be authenticated in more detail, with reference to FIG.
[0048] Ce produit peut être formé par n’importe quel type d’élément ou d’ensemble d’éléments commerciable. [0048] This product can be formed by any type of element or set of commercial elements.
[0049] Sur la figure 1 , il s’agit d’une bouteille de vin rouge, mais en variante, il pourrait s’agir d’un vêtement, d’un containeur, d’un livre, d’un composant d’automobile ou d’avion, d’un ordinateur portable... Cette liste n’est bien entendu nullement limitative. [0050] Dans la suite de la description, la notion de « produit » désignera bien entendu la marchandise commercialisable (ici la bouteille de vin), mais elle pourra englober également l’emballage de protection de cette marchandise. A titre d’exemple, lorsque la bouteille de vin est livrée dans un coffret en bois fermé, la notion de produit pourra s’appliquer à l’ensemble formé de la bouteille et de son coffret. [0049] In Figure 1, it is a bottle of red wine, but alternatively it could be a piece of clothing, a container, a book, a component of car or plane, a laptop computer... This list is of course in no way exhaustive. [0050] In the rest of the description, the notion of “product” will of course designate the marketable goods (here the bottle of wine), but it may also include the protective packaging for this goods. By way of example, when the bottle of wine is delivered in a closed wooden box, the notion of product may apply to the assembly formed by the bottle and its box.
[0051] Ce produit 1 est équipé d’un dispositif d’authentification formé ici de deux étiquettes 10, 20. Ces deux étiquettes sont ici distinctes, mais en variante, elles pourraient être formées d’une seule pièce. This product 1 is equipped with an authentication device formed here of two labels 10, 20. These two labels are distinct here, but alternatively, they could be formed in one piece.
[0052] Ces étiquettes 10, 20 sont destinées à être apposées sur ou dans le produit 1 pour son authentification et sa traçabilité. These labels 10, 20 are intended to be affixed to or in the product 1 for its authentication and traceability.
[0053] Par « authentification », on entend en particulier l’action qui consiste à vérifier le caractère original du produit. [0053] By “authentication”, we mean in particular the action which consists in verifying the original character of the product.
[0054] Par « traçabilité », on entend en particulier la capacité de savoir si le produit a ou non déjà été vendu à un client C. [0054] By “traceability”, we mean in particular the ability to know whether or not the product has already been sold to a customer C.
[0055] La première étiquette 10 est revêtue d’un premier élément graphique 11 codant des informations. Elle est apposée sur le produit 1 de façon que le premier élément graphique 11 soit visible. Elle est dans notre exemple directement collée sur la bouteille de vin, de façon que sa face sur laquelle se trouve le premier élément graphique 11 soit tournée vers l’extérieur. En variante, si le produit comportait un emballage (film protecteur opaque, coffret, carton), cette première étiquette 10 serait préférentiellement apposée sur cet emballage de façon à ce que le premier élément graphique 11 soit bien visible. The first label 10 is coated with a first graphic element 11 encoding information. It is affixed to the product 1 so that the first graphic element 11 is visible. In our example, it is directly glued to the bottle of wine, so that its side on which the first graphic element 11 is located faces outwards. Alternatively, if the product included packaging (opaque protective film, box, cardboard), this first label 10 would preferably be affixed to this packaging so that the first graphic element 11 is clearly visible.
[0056] La seconde étiquette 20 est revêtue d’un second élément graphique 21 codant des informations. Elle est apposée sur le produit de façon que le second élément graphique 21 soit invisible. Elle est dans notre exemple directement collée sur la bouteille de vin rouge, de façon que sa face sur laquelle se trouve le second élément graphique 21 soit tournée vers l’intérieur (le vin rouge cachant cet élément graphique). En variante, si les deux étiquettes étaient formées d’une seule pièce, les deux éléments graphiques seraient dans notre exemple situées sur les deux faces opposées de cette étiquette. Encore en variante, si le produit comportait un emballage, cette seconde étiquette 20 pourrait être apposée sur la face intérieure de cet emballage ou simplement glissée dans l’emballage. The second label 20 is coated with a second graphic element 21 encoding information. It is affixed to the product so that the second graphic element 21 is invisible. In our example, it is directly glued to the bottle of red wine, so that its side on which the second graphic element 21 is located faces inwards (the red wine hiding this graphic element). Alternatively, if the two labels were formed from a single piece, the two graphic elements would in our example be located on the two opposite sides of this label. Still as a variant, if the product included packaging, this second label 20 could be affixed to the inside face of this packaging or simply slipped into the packaging.
[0057] L’objectif est que le second élément graphique 21 reste invisible tant que la seconde étiquette 20 et/ou le produit 1 restent intègres (c’est-à-dire intact, incorrompu), mais qu’il devienne visible après ouverture du produit ou après corruption de la seconde étiquette 20. The objective is for the second graphic element 21 to remain invisible as long as the second label 20 and/or the product 1 remain intact (that is to say intact, uncorrupted), but for it to become visible after opening. of the product or after corruption of the second label 20.
[0058] On peut ainsi donner d’autres exemples de réalisation de cette seconde étiquette. [0059] Cette seconde étiquette pourrait être revêtue d’une encre grattable, permettant de découvrir le second élément graphique 21 une seule fois. [0060] Cette seconde étiquette pourrait comporter deux couches, dont une couche arrière sur laquelle serait inscrit le second élément graphique 21 et une couche avant de protection pouvant n’être décollé de la couche arrière qu’une seule et unique fois. It is thus possible to give other embodiments of this second label. This second label could be coated with scratch-off ink, allowing the second graphic element 21 to be uncovered only once. This second label could comprise two layers, including a back layer on which would be inscribed the second graphic element 21 and a front protective layer that can only be peeled off from the back layer once.
[0061] D’autres variantes de réalisation sont bien entendu envisageables. Other variant embodiments are of course possible.
[0062] Les deux éléments graphiques 11 , 21 sont prévus pour coder des données qui sont décodables à l’aide de l’application téléchargée sur le téléphone mobile 200, une fois pris en photo par ce téléphone. [0062] The two graphic elements 11, 21 are provided to encode data which can be decodified using the application downloaded to the mobile telephone 200, once photographed by this telephone.
[0063] Ces deux éléments graphiques 11 , 21 pourraient se présenter sous diverses formes, pour autant qu’ils soient en mesure de coder des données. These two graphic elements 11, 21 could take various forms, provided that they are able to encode data.
[0064] Il pourrait s’agir de codes-barres ou de codes bidimensionnels. Il s’agit ici typiquement de QR-codes. These could be barcodes or two-dimensional codes. These are typically QR codes.
[0065] Par « code bidimensionnel », on entend un code en deux dimensions, qui prend la forme d'un ensemble composé de traits, de carrés, de points, de polygones ou d'autres figures géométriques, dont on se sert pour coder de l'information. By "two-dimensional code" is meant a two-dimensional code, which takes the form of a set composed of lines, squares, points, polygons or other geometric figures, which are used to code some information.
[0066] Par « QR code », on entend un type de code-barres en deux dimensions (ou code matriciel datamatrix) constitué de modules noirs disposés dans un carré à fond blanc. L'agencement de ces points définit l'information que contient le code. “QR code” means a type of two-dimensional barcode (or datamatrix matrix code) made up of black modules arranged in a square with a white background. The arrangement of these points defines the information that the code contains.
[0067] Comme cela sera bien décrit ci-après, les premier et deuxième éléments graphiques 11 , 21 codent respectivement une clé publique Kpub et une clé privée Kpri qui sont associées (au sens de la cryptologie asymétrique). As will be well described below, the first and second graphic elements 11, 21 encode respectively a public key Kpub and a private key Kpri which are associated (in the sense of asymmetric cryptology).
[0068] On peut maintenant décrire plus en détail le procédé permettant à une société B de commercialiser un produit 1 qui soit authentifiable par le client C. We can now describe in more detail the process allowing a company B to market a product 1 which can be authenticated by the customer C.
[0069] La première étape consiste, pour la société B, à obtenir un portefeuille numérique 110. The first step is for company B to obtain a digital wallet 110.
[0070] La société B utilise pour cela un terminal société, ici formé par un ordinateur équipé du logiciel Log fourni par le tiers de confiance A. [0070] Company B uses a company terminal for this purpose, here formed by a computer equipped with the Log software provided by the trusted third party A.
[0071] Cette opération pourrait être réalisée à l’aide de ce logiciel Log, sans aucune vérification préalable. Toutefois, ici, le tiers de confiance A a la charge de contrôler la société, et notamment son identité, avant de lui délivrer son portefeuille numérique 110. This operation could be carried out using this Log software, without any prior verification. However, here, the trusted third party A is responsible for checking the company, and in particular its identity, before delivering its digital wallet 110 to it.
[0072] Ce portefeuille numérique 110 comporte ici une clé publique (ci-après appelée adresse Adi io du portefeuille numérique 110 de la société B) et une clé privée Kno, associée à la clé publique au sens de la cryptologie asymétrique. Il comporte en outre des jetons dépensables par la société B. This digital wallet 110 here comprises a public key (hereinafter called Adi io address of the digital wallet 110 of company B) and a private key Kno, associated with the public key in the sense of asymmetric cryptology. It also includes tokens that can be spent by company B.
[0073] Le tiers de confiance A commande en parallèle l’inscription sur la blockchain de la délivrance de ce portefeuille. [0073] The trusted third party A orders in parallel the registration on the blockchain of the issue of this wallet.
[0074] Les données inscrites à cette étape sur la blockchain sont en particulier : [0074] The data recorded at this stage on the blockchain are in particular:
- l’identité de la société B, et - l’adresse Adno du portefeuille numérique 110 de la société B. - the identity of company B, and - the Adno address of the digital wallet 110 of company B.
[0075] D’autres données relatives à la société B peuvent également être inscrites. Dans notre exemple où la société B commercialise des bouteilles de vin, ces données peuvent par exemple être relatives à l’année de création du domaine viticole, sa localisation, son terroir, les produits qu’elle commercialise... [0075] Other data relating to company B can also be entered. In our example where company B sells bottles of wine, this data may for example relate to the year of creation of the wine estate, its location, its terroir, the products it sells, etc.
[0076] Une fois la société B détentrice de son portefeuille numérique 110, elle est en mesure d’utiliser le logiciel Log afin de générer, pour chaque produit 1 commercialisé, un couple de clés publique Kpub et privée Kpri permettant d’authentifier ce produit 1 . Ces clés sont bien entendu uniques (on ne peut utiliser un même couple de clés pour vendre des produits séparément). Once company B has its digital wallet 110, it is able to use the Log software to generate, for each product 1 marketed, a couple of public keys Kpub and private keys Kpri allowing this product to be authenticated. 1 . These keys are of course unique (the same pair of keys cannot be used to sell products separately).
[0077] Pour la clarté de l’exposé, on ne s’intéressera ici qu’à un seul produit 1 . [0077] For the clarity of the presentation, we will only focus here on a single product 1 .
[0078] La société B, avant de commercialiser ce produit 1 , va en outre générer une première transaction S1 à inscrire dans la blockchain (voir figure 2), correspondant à la mise en vente du produit 1 . [0078] Company B, before marketing this product 1 , will also generate a first transaction S1 to be entered in the blockchain (see FIG. 2), corresponding to the sale of product 1 .
[0079] Les données enregistrées dans la blockchain ont alors pour objectif de rendre cette première transaction S1 publique. The data recorded in the blockchain is then intended to make this first transaction S1 public.
[0080] Les données inscrites dans la blockchain au cours de cette première transaction S1 vont comprendre au moins : The data entered in the blockchain during this first transaction S1 will include at least:
- l’adresse Adno du portefeuille numérique 110 de la société B, et - the Adno address of the digital wallet 110 of company B, and
- la clé publique Kpub associée au produit 1. - the public key Kpub associated with product 1.
[0081] Ces données peuvent être inscrites dans la blockchain uniquement parce que la société B est détentrice d’un clé privée Kno qui lui permet de s’authentifier auprès des serveurs d’authentification et de traçabilité 100. [0081] This data can be entered in the blockchain only because company B holds a private key Kno which allows it to authenticate itself with the authentication and traceability servers 100.
[0082] Lors de cette inscription, un jeton (de l’anglais « token ») est alors associé à la clé publique Kpub du produit 1. En variante, il pourrait s’agir d’une partie de jeton ou de plusieurs jetons. During this registration, a token is then associated with the public key Kpub of product 1. Alternatively, it could be part of a token or several tokens.
[0083] La clé privée Kpri n’est bien entendu pas inscrite dans la blockchain. [0083] The private key Kpri is of course not registered in the blockchain.
[0084] D’autres données relatives à la société B ou au produit 1 peuvent en revanche être inscrites dans la blockchain au moment de cette première transaction S1 . A titre d’exemple, il peut s’agir d’informations de traçage du produit 1 , tel que par exemple un numéro de lot, une date de fabrication ou de mise en bouteille... [0084] Other data relating to company B or product 1 can on the other hand be entered in the blockchain at the time of this first transaction S1. By way of example, this may be information for tracing the product 1 , such as for example a batch number, a date of manufacture or bottling, etc.
[0085] La société B, ou un sous-traitant de cette société (typiquement un fabricant d’étiquettes), va alors être en mesure d’imprimer deux étiquettes 10, 20. [0085] Company B, or a subcontractor of this company (typically a label manufacturer), will then be able to print two labels 10, 20.
[0086] Le QR-code 11 inscrit sur la première étiquette 10 est alors conçu pour coder numériquement la clé publique Kpub tandis que le QR-code 21 inscrit sur la seconde étiquette 20 est conçu pour coder numériquement la clé privée Kpri. The QR-code 11 inscribed on the first label 10 is then designed to digitally encode the public key Kpub while the QR-code 21 inscribed on the second label 20 is designed to digitally encode the private key Kpri.
[0087] Ces deux étiquettes 10, 20 peuvent alors être apposées sur le produit 1 , comme cela a été exposé supra. Dans l’exemple ici représenté, la première étiquette 10 est collée sur la bouteille de vin de façon que son QR-code 11 soit visible, tandis que la seconde étiquette 20 est collée sur la bouteille de vin de façon que son QR-code 21 soit invisible. [0088] On notera ici que d’un produit 1 à l’autre, les QR-codes utilisés sont tous différents. [0089] A ce stade, le produit 1 peut être commercialisé. On considérera dans notre exemple le cas où la bouteille de vin est proposée à la vente chez un caviste. [0087] These two labels 10, 20 can then be affixed to the product 1, as this has been explained above. In the example represented here, the first label 10 is stuck on the bottle of wine so that its QR-code 11 is visible, while the second label 20 is stuck on the bottle of wine so that its QR-code 21 be invisible. It will be noted here that from one product 1 to another, the QR-codes used are all different. At this stage, product 1 can be marketed. In our example, we will consider the case where the bottle of wine is offered for sale at a wine merchant.
[0090] Le caviste et tous ses clients C pourront alors vérifier l’authenticité du produit 1 en scannant le QR-code 11 visible avec leur téléphone mobile 200, s’ils ont au préalable téléchargé l’application App dédiée (ou, s’ils ne souhaitent pas télécharger cette application, en utilisant une interface web accessible via un navigateur Internet). [0090] The wine merchant and all his customers C will then be able to verify the authenticity of the product 1 by scanning the visible QR-code 11 with their mobile telephone 200, if they have previously downloaded the dedicated App application (or, if they do not wish to download this application, using a web interface accessible via an Internet browser).
[0091] Cette application App permettra en effet aux clients C et au caviste de vérifier que la clé publique Kpub du produit 1 est bien inscrite dans la blockchain, ce qui confirmera l’authenticité du produit 1. Elle vérifie aussi que le jeton associé au produit a bien été dépensé en conséquence. [0091] This App application will indeed allow customers C and the wine merchant to verify that the public key Kpub of product 1 is indeed registered in the blockchain, which will confirm the authenticity of product 1. It also verifies that the token associated with the proceeds have been spent accordingly.
[0092] Cette opération d’authentification S2 présente plusieurs avantages. Elle permet tout d’abord de vérifier que le produit 1 a bien été commercialisé par la société B. Elle permet en outre aux clients C de trouver des informations sur la société B et sur le produit 1 , qui ont été inscrites dans la blockchain. Elle permet enfin de vérifier dans la blockchain que le produit n’a pas déjà fait l’objet d’une vente à un autre client (qui aurait déjà scanné le QR-code 21 associé à la clé privée). This S2 authentication operation has several advantages. First of all, it makes it possible to verify that product 1 has indeed been marketed by company B. It also allows customers C to find information on company B and on product 1, which have been entered in the blockchain. Finally, it makes it possible to check in the blockchain that the product has not already been sold to another customer (who would have already scanned the QR-code 21 associated with the private key).
[0093] Lorsqu’un client C souhaite acquérir le produit 1 , il peut commencer par payer le prix du produit 1 puis corrompre la seconde étiquette 20 de façon à rendre le QR-code 21 visible. When a customer C wishes to acquire product 1, he can start by paying the price of product 1 and then corrupt the second label 20 so as to make the QR-code 21 visible.
[0094] Dans le mode de réalisation ici représenté, il décolle pour cela la seconde étiquette 20, ce qui a pour effet de la détériorer de façon très manifeste (et donc de la rendre inutilisable), et de rendre le QR-code 21 visible. [0094] In the embodiment represented here, it peels off the second label 20 for this, which has the effect of damaging it very obviously (and therefore making it unusable), and making the QR-code 21 visible. .
[0095] Après avoir scanné le QR-code 11 , le client va alors pouvoir scanner avec son téléphone mobile 200 ce second QR-code 21. [0095] After scanning the QR-code 11, the customer will then be able to scan this second QR-code 21 with his mobile phone 200.
[0096] L’application App téléchargée dans le téléphone mobile 200 va ainsi permettre de vérifier que les deux clés publique Kpub et privée Kpri sont bien associées au sens de la cryptologie asymétrique, ce qui permettra d’authentifier à nouveau, avec une fiabilité encore plus grande, le produit 1. The App application downloaded into the mobile telephone 200 will thus make it possible to verify that the two public keys Kpub and the private key Kpri are indeed associated in the sense of asymmetric cryptology, which will make it possible to authenticate again, with even greater reliability. larger, the product 1.
[0097] En effet, on pourrait envisager qu’un contrefacteur utilise des copies de la première étiquette sur plusieurs produits. L’acheteur, en scannant le QR-code 21 apparaissant sur la seconde étiquette 20, va alors vérifier que les deux clés correspondent, ce qui lui permettra de contrôler que ce produit est bien authentique et qu’il ne s’agit pas d’une copie. [0097] Indeed, it could be envisaged that a counterfeiter would use copies of the first label on several products. The buyer, by scanning the QR-code 21 appearing on the second label 20, will then check that the two keys correspond, which will allow him to check that this product is indeed authentic and that it is not a a copy.
[0098] Pour réaliser cette authentification, le protocole blockchain vérifie que la signature est valide (c’est-à-dire que les clés sont associées), puis, si tel est le cas, il accorde un accès au jeton associé à la clé publique Kpub du produit 1 , ce qui permet de le dépenser. On comprend donc que la clé privée Kpri est essentiellement utilisée pour authentifier le produit 1 et pour signer la transaction afin de pouvoir l’inscrire sur la blockchain. To perform this authentication, the blockchain protocol verifies that the signature is valid (i.e. the keys are associated), then, if so, it grants access to the token associated with the public key Kpub of product 1 , allowing it to be spent. It is therefore understood that the private key Kpri is essentially used to authenticate the product 1 and to sign the transaction in order to be able to register it on the blockchain.
[0099] Cette opération de scannage S3 va donc automatiquement entraîner l’inscription d’une seconde transaction S4 sur un nouveau bloc 120 de la blockchain. Cette inscription permettra de rendre publique cette seconde transaction S4 afin d’indiquer que le produit 1 a été vendu, ce qui évitera qu’il puisse être ensuite revendu de façon frauduleuse. This S3 scanning operation will therefore automatically lead to the registration of a second S4 transaction on a new block 120 of the blockchain. This registration will make this second S4 transaction public in order to indicate that product 1 has been sold, which will prevent it from being resold fraudulently.
[0100] Les données qui sont pour cela inscrites sur la blockchain comportent au moins la clé publique Kpub du produit. Elles peuvent également comporter d’autres données, telles que par exemple l’adresse Adno du portefeuille numérique 110 de la société B. [0100] The data which is therefore entered on the blockchain includes at least the public key Kpub of the product. They may also include other data, such as for example the Adno address of the digital wallet 110 of company B.
[0101] Préférentiellement, l’inscription de cette seconde transaction S4 est automatiquement suivie d’au moins une étape supplémentaire. Preferably, the entry of this second transaction S4 is automatically followed by at least one additional step.
[0102] La première étape supplémentaire consiste à transmettre à la société B des informations sur le client C qui a acheté le produit 1. Pour cela, l’acheteur peut avoir renseigné sur l’application App téléchargée sur son téléphone mobile 200 des informations personnelles ou des informations sur la transaction elle-même (s’est-elle bien déroulée ?). [0103] Ces informations sont alors transmises par Internet à la société B. Elles ne sont préférentiellement pas inscrites sur la blockchain pour ne pas être rendues publiques. [0102] The first additional step consists in transmitting to company B information on the customer C who has purchased the product 1. For this, the buyer may have provided information on the App application downloaded on his mobile telephone 200 personal information or information about the transaction itself (did it go well?). [0103] This information is then transmitted via the Internet to company B. It is preferably not registered on the blockchain so as not to be made public.
[0104] Une seconde étape supplémentaire pourrait consister à émettre une garantie associée au produit 1. C’est notamment le cas si le produit 1 est un appareil soumis à garantie, typiquement un appareil électronique (télévision, téléphone, machine à laver...). Dans ce cas, la garantie peut être transmise à la société B et au client C, voire aussi au tiers de confiance A. [0104] A second additional step could consist of issuing a guarantee associated with product 1. This is particularly the case if product 1 is a device subject to warranty, typically an electronic device (television, telephone, washing machine, etc.). ). In this case, the guarantee can be transferred to company B and customer C, or even to trusted third party A.
[0105] On pourrait en variante prévoir que la garantie soit inscrite sur la blockchain. [0105] As a variant, provision could be made for the guarantee to be registered on the blockchain.
[0106] L’avantage d’utiliser l’application App pour générer cette garantie est que les données nécessaires à la mise en place de cette garantie (date de la vente égale à la date de la seconde transaction, informations requises de l’acheteur ...) sont déjà connues et n'ont donc pas à être saisies. La raison pour laquelle ces données sont déjà connues est que le client C a saisi ses connées personnelles (nom, adresse....) lorsqu’il a téléchargé l’application App et qu’un compte personnel a été créé. [0106] The advantage of using the App application to generate this guarantee is that the data necessary for setting up this guarantee (sale date equal to the date of the second transaction, information required from the buyer ...) are already known and therefore do not have to be entered. The reason why this data is already known is that customer C entered his personal data (name, address....) when he downloaded the App application and a personal account was created.
[0107] A ce stade, on pourrait prévoir que toute nouvelle transaction du produit 1 soit ignorée par l’application App. Dans cette variante, seule la vente au client C serait alors reconnue comme un changement de propriétaire valide. At this stage, it could be provided that any new transaction of product 1 is ignored by the application App. In this variant, only the sale to customer C would then be recognized as a valid change of ownership.
[0108] Toutefois, de façon préférentielle, il est ici au contraire prévu de permettre au client C (ci-après appelé « premier acheteur ») de revendre le produit 1 à un autre acheteur (ci- après appelé « second acheteur »), tout en permettant au second acheteur de bénéficier des garanties d’authentification offerts par la présente invention. [0108] However, preferentially, it is here on the contrary provided to allow the customer C (hereinafter called "first buyer") to resell the product 1 to another buyer (hereinafter called "second buyer"), while allowing the second buyer to benefit authentication guarantees offered by the present invention.
[0109] Ainsi, le produit 1 pourra faire l’objet d’une troisième transaction, qui sera inscrite dans la blockchain, puis éventuellement encore d’autres transactions subséquentes. On peut alors décrire comment cela est possible. [0109] Thus, product 1 may be the subject of a third transaction, which will be recorded in the blockchain, and then possibly still other subsequent transactions. We can then describe how this is possible.
[0110] Comme cela a été expliqué supra, lorsque le premier acheteur enregistre le produit 1 en scannant la clé privée, la seconde transaction est enregistrée dans la blockchain. Lors de cette seconde transaction, une nouvelle adresse (c’est-à-dire une nouvelle clé publique) du produit est générée par l’application App et est enregistrée dans la blockchain (la clé privée associée est stockée dans l’application App du téléphone mobile 200 du premier acheteur). Cet enregistrement dans la blockchain stocke en outre l’adresse du portefeuille du premier acheteur dans la base de données de l’application App, de façon à permettre de savoir qui est le propriétaire actuel du produit 1 . [0110] As explained above, when the first buyer registers the product 1 by scanning the private key, the second transaction is registered in the blockchain. During this second transaction, a new address (i.e. a new public key) of the product is generated by the App application and is recorded in the blockchain (the associated private key is stored in the App application of the mobile phone 200 of the first buyer). This blockchain record also stores the first buyer's wallet address in the App's database, so that it can be known who is the current owner of the product 1 .
[0111] Avant d’acheter ce produit (au cours du troisième transfert), le second acheteur peut alors vérifier l’authenticité du produit 1. Pour cela, le premier acheteur peut utiliser l’application App stockée dans son téléphone mobile pour autoriser une micro-transaction vers et/ou depuis l’adresse de son portefeuille de produits associées (tel que reconnu par l’application App) vers le portefeuille du deuxième acheteur, confirmant ainsi qu’il est propriétaire de droit du produit. Puis une fois satisfait, le second acheteur peut requérir l’enregistrement de la troisième transaction dans la blockchain pour prouver que la propriété a été transférée au deuxième acheteur. [0111] Before buying this product (during the third transfer), the second buyer can then verify the authenticity of the product 1. For this, the first buyer can use the App application stored in his mobile telephone to authorize a micro-transaction to and/or from the address of its portfolio of associated products (as recognized by the App application) to the portfolio of the second buyer, thus confirming that it is the legal owner of the product. Then once satisfied, the second buyer can request the recording of the third transaction in the blockchain to prove that the property has been transferred to the second buyer.
[0112] La présente invention n’est nullement limitée au mode de réalisation décrit et représenté, mais l’homme du métier saura y apporter toute variante conforme à l’invention. The present invention is in no way limited to the embodiment described and represented, but those skilled in the art will know how to make any variant in accordance with the invention.

Claims

REVENDICATIONS
1. Procédé d’authentification d’un produit (1) au moyen d’un système informatique comportant un registre informatique qui est organisé en chaine de blocs et dans lequel des données associées à des détenteurs de portefeuilles informatiques peuvent être inscrites, le procédé étant caractérisé en ce qu’il comprend des étapes de : 1. Method for authenticating a product (1) by means of a computer system comprising a computer register which is organized in a chain of blocks and in which data associated with holders of computer wallets can be entered, the method being characterized in that it comprises steps of:
- génération, par un détenteur de portefeuille numérique (110), d’une transaction et d’enregistrement de ladite transaction dans le registre informatique, ledit enregistrement comprenant au moins une adresse du portefeuille numérique (110) et une clé publique (Kpub), laquelle clé publique (Kpub) est associée à une clé privée (Kpri), puis - generation, by a holder of a digital wallet (110), of a transaction and recording of said transaction in the computer register, said recording comprising at least one address of the digital wallet (110) and a public key (Kpub), which public key (Kpub) is associated with a private key (Kpri), then
- inscription, sur une première étiquette (10), d’un premier élément graphique (11) dans lequel est codée ladite clé publique (Kpub), - registration, on a first label (10), of a first graphic element (11) in which said public key (Kpub) is coded,
- inscription, sur une seconde étiquette (20) distincte ou non de la première étiquette- inscription, on a second label (20) distinct or not from the first label
(10), d’un second élément graphique (21) dans lequel est codée ladite clé privée (Kpri), (10), a second graphic element (21) in which said private key (Kpri) is encoded,
- apposition sur ledit produit (1) des première et seconde étiquettes (10, 20), de façon que le premier élément graphique (11) soit visible et que le second élément graphique (21) soit invisible tant que ladite seconde étiquette (20) et/ou le produit (1) restent intègres, ledit produit (1) étant authentifié par les première et seconde étiquettes (10, 20).- affixing to said product (1) first and second labels (10, 20), so that the first graphic element (11) is visible and the second graphic element (21) is invisible as long as said second label (20) and/or the product (1) remain intact, said product (1) being authenticated by the first and second labels (10, 20).
2. Procédé d’authentification selon la revendication 1 , dans lequel l’un au moins des premier et second éléments graphiques (11 , 21) se présente sous la forme d’un code-barres ou d’un code bidimensionnel, par exemple d’un QR-code. 2. Authentication method according to claim 1, wherein at least one of the first and second graphic elements (11, 21) is in the form of a barcode or a two-dimensional code, for example d a QR code.
3. Procédé d’authentification selon la revendication 1 ou 2, dans lequel ledit enregistrement comprend également au moins une autre donnée qui est relative au produit (1) et/ou au fabricant dudit produit (1). 3. Authentication method according to claim 1 or 2, wherein said record also includes at least one other piece of data which relates to the product (1) and/or to the manufacturer of said product (1).
4. Procédé de vérification de l’authenticité d’un produit (1) au moyen d’un système informatique qui comporte un registre informatique organisé en chaine de blocs, le produit (1) comportant, sur une première étiquette (10), un premier élément graphique4. Method for verifying the authenticity of a product (1) by means of a computer system which comprises a computer register organized in a chain of blocks, the product (1) comprising, on a first label (10), a first graphic element
(11) dans lequel est codée une clé publique (Kpub), et, sur une seconde étiquette(11) in which is coded a public key (Kpub), and, on a second label
(20) distincte ou non de la première étiquette (10), un second élément graphique (21) dans lequel est codée une clé privée (Kpri) associée à ladite clé publique (Kpub), ledit premier élément graphique (11) étant visible alors que le second élément graphique(20) distinct or not from the first label (10), a second graphic element (21) in which is encoded a private key (Kpri) associated with said public key (Kpub), said first graphic element (11) then being visible than the second graphical element
(21) est invisible tant que ladite seconde étiquette (20) et/ou le produit (1) restent intègres, ledit procédé comprenant des étapes de : (21) is invisible as long as said second label (20) and/or the product (1) remain integrity, said method comprising steps of:
- vérification préliminaire de l’authenticité du produit (1) par lecture du premier élément graphique (11), décodage de la clé publique (Kpub) et vérification que la clé publique (Kpub) est enregistrée dans le registre informatique, - preliminary verification of the authenticity of the product (1) by reading the first graphic element (11), decoding of the public key (Kpub) and verification that the public key (Kpub) is recorded in the computer register,
- corruption de la seconde étiquette (20) ou du produit (1) de façon à rendre le second élément graphique (21) visible, - corruption of the second label (20) or of the product (1) so as to make the second graphic element (21) visible,
- vérification complémentaire de l’authenticité du produit (1) par lecture du second élément graphique (21), décodage de la clé privée (Kpri) et vérification que la clé privée (Kpri) décodée est bien associée à la clé publique (Kpub) décodée, le décodage de la clé privée (Kpri) entraînant automatiquement l’enregistrement d’une nouvelle transaction sur le registre informatique. cédé de vérification selon la revendication 4, dans lequel il est prévu une étape supplémentaire d’acquisition de données qui sont relatives à un individu acquérant ledit produit (1) et qui ont été préalablement saisies sur une interface homme- machine. cédé de vérification selon l’une des revendications 4 et 5, dans lequel il est prévu une étape supplémentaire au cours de laquelle une garantie associée au produit (1) est générée. cédé de vérification selon l’une des revendications 5 et 6, dans lequel chaque étape supplémentaire est automatiquement mise en œuvre après l’étape de vérification complémentaire. - additional verification of the authenticity of the product (1) by reading the second graphic element (21), decoding of the private key (Kpri) and verification that the decoded private key (Kpri) is indeed associated with the public key (Kpub) decoded, the decoding of the private key (Kpri) automatically resulting in the recording of a new transaction on the computer register. Verification certificate according to Claim 4, in which an additional step of acquiring data is provided which relates to an individual acquiring said product (1) and which has been entered beforehand on a man-machine interface. Verification certificate according to one of Claims 4 and 5, in which an additional step is provided during which a guarantee associated with the product (1) is generated. verification procedure according to one of Claims 5 and 6, in which each additional step is automatically implemented after the additional verification step.
EP21819913.1A 2020-12-10 2021-12-08 Device and method for authenticating products Pending EP4260518A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR2012995A FR3117719B1 (en) 2020-12-10 2020-12-10 Product authentication device and method
PCT/EP2021/084799 WO2022122821A1 (en) 2020-12-10 2021-12-08 Device and method for authenticating products

Publications (1)

Publication Number Publication Date
EP4260518A1 true EP4260518A1 (en) 2023-10-18

Family

ID=74871543

Family Applications (1)

Application Number Title Priority Date Filing Date
EP21819913.1A Pending EP4260518A1 (en) 2020-12-10 2021-12-08 Device and method for authenticating products

Country Status (5)

Country Link
US (1) US20240029080A1 (en)
EP (1) EP4260518A1 (en)
CN (1) CN116806421A (en)
FR (1) FR3117719B1 (en)
WO (1) WO2022122821A1 (en)

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI632507B (en) * 2017-06-03 2018-08-11 蔡政育 Product traceability code outputting system
US10554401B1 (en) * 2019-07-05 2020-02-04 Crypto Mint Inc. Multi-address population based on single address

Also Published As

Publication number Publication date
US20240029080A1 (en) 2024-01-25
WO2022122821A1 (en) 2022-06-16
FR3117719A1 (en) 2022-06-17
CN116806421A (en) 2023-09-26
FR3117719B1 (en) 2024-02-23

Similar Documents

Publication Publication Date Title
TWI511518B (en) Improvements relating to multifunction authentication systems
WO2005091232A1 (en) Method for authentication of products
EP1964077A1 (en) Method for certifying and subsequently authenticating original paper or digital documents for the constitution of evidence
FR2804784A1 (en) UNIVERSAL METHOD OF IDENTIFYING AND AUTHENTICATING LIVING OBJECTS, PLANTS OR PLACES
FR2900486A1 (en) Original product or detached part individualizing method for Internet, involves associating confidential code and identifying codes in database on server connected to Internet, and verifying authenticity of product via connection to server
WO2006042913A1 (en) Method for making secure transactions and authentication of objects or documents
WO2010007479A2 (en) Apparatus and method for generating a secure entitlement on the basis of an official entitlement
EP4260518A1 (en) Device and method for authenticating products
EP3895108A1 (en) Device and method for securing secure data for a bank payment card
EP1729264A1 (en) Secure processing procedure for excise stamps
WO2005024682A1 (en) Communication system for traceability monitoring
FR3016457A1 (en) METHOD OF TRACEABILITY OF AUTHENTIC OBJECTS AND SYSTEM FOR IMPLEMENTING THE METHOD
EP2989587B1 (en) Next-generation secure electronic real estate and personal property title (timmop)
EP3032450B1 (en) Method for checking the authenticity of a payment terminal and terminal thus secured
EP0979495B1 (en) Rollup certification in a reader
WO2016207536A1 (en) Methods of affiliation, emancipation and verification between a tutor and a tutee
WO2002065411A2 (en) Method and system for making secure a commercial transaction with a smart card
WO2024074511A1 (en) System for authenticating a physical product associated with a digital work recorded in the form of a non-fungible token
WO2024038092A1 (en) Method for generating an nft cryptographic token from a unique physical token for the purpose of guaranteeing rights associated with a real or virtual object
WO2020183017A1 (en) Method for producing a label comprising a hidden security code and method for implementing said label
FR3101991A1 (en) Object authentication and assurance system and method
EP1198789A1 (en) Secure payment system, enabling to select any amount
FR2848364A1 (en) Secure personalization of documents includes use of several secure sub-assemblies, each comprising memory unit and microcircuit performing authentication
EP1258844A1 (en) Method and system for establishing the proof of an electronic transaction
WO2002075675A2 (en) System and method for replacing identification data on a portable identification device

Legal Events

Date Code Title Description
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: UNKNOWN

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE

PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20230609

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

DAV Request for validation of the european patent (deleted)
DAX Request for extension of the european patent (deleted)